iThemeshttps://ithemes.com
WordPress Backup, Security & MaintenanceFri, 22 Feb 2019 14:42:44 +0000en-UShourly1ithemeshttps://feedburner.google.comWhat is the .htaccess File?http://feedproxy.google.com/~r/ithemes/~3/Wu2GoEgNKKo/
https://ithemes.com/what-is-the-htaccess-file/#respondThu, 21 Feb 2019 21:13:48 +0000https://ithemes.com/?p=48798What is the .htaccess file? The .htaccess file is a powerful website file that controls high-level configuration of your website. On servers that run Apache (a web server software), the .htaccess file allows you to make changes to your website’s configuration without having to edit server configuration files. For example, the most common uses for the .htaccess file […]

]]>What is the .htaccess file? The .htaccess file is a powerful website file that controls high-level configuration of your website. On servers that run Apache (a web server software), the .htaccess file allows you to make changes to your website’s configuration without having to edit server configuration files.

For example, the most common uses for the .htaccess file are:

Add redirections for certain URLs

Load custom error pages, like 404 pages

Force your site to use HTTPS instead of HTTP

Password-protect certain directories on your server

Prevent hotlinking

Using .htaccess files is a powerful tool for managing your server, but it can be tricky. Make sure you are familiar with making changes to your server before you start editing .htaccess files.

Note: Before trying any of the things described below, we strongly recommend you make a backup of the .htaccess file and your entire website (such as with a WordPress backup plugin like BackupBuddy). If you are not comfortable making changes to .htaccess files, you may need to contact a website developer.

.htaccess Location

Note: Apache is configured so all files named .htaccess are hidden. Why? The files have important configuration information and can be used to compromise your server.

Although the file is hidden, the .htaccess file location is most commonly found in your website’s public_html folder.

You can access your .htaccess file in a few different ways:

From your hosting account’s file management (such as via cPanel)

From your FTP client

If you don’t see your .htaccess file in your public_html folder, you may have to check “Show Hidden Files.”

Also note that you can apply different settings to different directories by using multiple .htaccess files. You can, theoretically, create a .htaccess file in any directory on your server by creating and uploading a plain text file.

Generally, you want to minimize the number of .htaccess files on your server because too many configurations can slow your server down. When your server sees a .htaccess file in a directory, it looks for .htaccess files in all the parent directories, too, increasing server resource usage. .htaccess files that are higher up in the file path always take precedence.

How to Edit Your .htaccess file

If you need to edit your .htaccess file, you’ll need to either download the existing file using your FTP client or via your host’s file access system, such as within cPanel.

Your website’s .htaccess file may already contain important settings. If your .htaccess file has existing settings, add the new code to what is already there.

Note: Do not delete the existing .htaccess file unless it is empty or you are absolutely sure it is okay to delete it.

How to Redirect URLs with the .htaccess File

If you decide to change domain names or change the organization of your site, you can set up URL redirects to make sure your website visitors aren’t confused. An easy way to do this is with .htaccess files.

To edit your .htaccess file, you will need to re-create the file yourself and upload it to the server using SFTP.

1. Log into your server via SFTP.

2. Locate and download your .htaccess file. It will usually be located in your content folder. If you don’t have a .htaccess file, you can create a file called .htaccesson your computer to hold your configurations.

3. Open the file via your favorite text editor

4. Add these lines to your file:

# enable basic rewriting
RewriteEngine on

5. Copy and paste your new configurations into the .htaccess file and save the file.

6. Upload this back to the directory you originally took your .htaccess file from.

7. Test your work by going to your website and viewing the pages you wanted to redirect.

You can also use the .htaccess file to redirect individual pages on your website using 301 and 302 redirects.

URL Rewrites with .htaccess

Rewrites are similar to redirects because they also point one target URL to another URL, but this is actually converted by the web server while handling the traffic. Think of it as using a pencil and eraser to change a name as opposed to using a sign to point to the new name.

The most common URL rewrites force sites to have URLs either with or without www in the URL.

Forcing Non-www Site Addresses

When you add this information to your .htaccess file, any visitors who type in www.mysite.com will be sent to mysite.com.

Replace mysite.com with your domain. If you have a different top-level domain (e.g., .net or .org instead of .com), use that top-level domain instead of .com/ Don’t remove the “\” as it is needed for the correct syntax.

Forcing www Site Addresses with .htaccess

Replace mysite.com with your domain. If you have a different top-level domain (e.g., .net or .org instead of .com), use that top-level domain instead of “.com.” Note: Don’t remove the “\” as it is needed for the correct syntax.

Creating a Custom 404 Error Page with .htaccess

What is a 404 page? A 404 page is actually an error message that displays for pages that don’t actually exist on a website. A 404 page usually reads “Page Not Found” but you can also find examples of funny 404 pages that have been customized to give website visitors a better experience.

Error pages are a part of any website. No matter what, website visitors will sometimes encounter error pages. If you use custom error pages, you can turn an error page into a positive experience with funny 404 pages.

Next, we’ll show how to add custom error pages to your websites using .htaccess.

Before you set up your error pages, you’ll need to create your error pages. You can do this however you’d like: hand coding your page, using a site builder or another way. When you’re done building your error page, save the file so it can be uploaded to your server.

Now to set up custom error pages, you will edit your website’s .htaccess file.

1. Before editing your .htaccess file, upload your customized error pages to your server. You can do this via SFTP. Put these files in the content directory for your website.

Forcing Your Site to Use HTTPS with .htaccess

If you want to make sure every website visitor is using a secure (SSL) connection, you can use .htaccess rules to redirect insecure traffic. This will redirect http://mysite.com to https://mysite.com. Of course, this will only work if you have an SSL installed for your domain. To that end, all iThemes Hosting accounts do come with a free Let’s Encrypt SSL.

To redirect every website visitor to a secure connection, add this rule to the .htaccess file for the website you’d like the redirect:

You will need to replace mysite.com with the actual domain of your site.

Password Protecting Directories with .htaccess

During development, testing and creation of your website, you may want to password protect your site until it’s ready for public viewing. You may also have specific pages or web directories you’d like to lock down to specific users. The .htaccess file is a powerful tool to help you accomplish this within the iThemes Hosting framework. Next, we’ll walk through creating a password to protect your website, directories and other components of your site.

1. First, you will need access to the Document Root for the site. This is where you will house the .htaccess file and also the .htpasswd file in order to password protect your site. The file path will look something like this:

/eed292b5.ithemeshosting.com/web/content/

It will be found in the SFTP information section with the title of “Path” on your iThemes Hosting page in Sync. Make sure you are using the FTP Information path and not the UNIX Path.

2. The .htpasswd file should be placed one directory up from the site root and kept separate from the .htaccess file.

Note: Placing the .htpasswd file above the content/ folder is safer since it is not directly accessible via a web browser.

3. You will need to generate the syntax for the .htaccess and the .htpasswd files. You can use any site you’d like but for the purpose of this article, I am using http://tools.dynamicdrive.com.

4. Once you follow the steps to create the files, you will need to place the syntax on your server. If you already have a .htaccess file on your site, you can append the file and add the additional syntax.

5. Upload the .htpasswd file to the location you determined in step 2.

6. Check the permissions of the files to make sure the users you want to have permissions will be able to access them.

Hotlink Protection with .htaccess

What is hotlinking? When creating a website, admins usually add images and other content to make the website look better and add some character. In doing so, you usually upload an image and add it to your pages to be viewed. It is also possible, though not recommended, to use images that have been uploaded by others without needing to download and then upload that image to your site. This is called hotlinking.

Unfortunately, for people whose images have been hotlinked by other websites, they will likely notice an increase in their server resource usage as the new site using those images will be using your server’s resources.

Fortunately, you can prevent this by enabling hotlink protection on your site. Here is how to go through the process of enabling hotlink protection on your site.

1. First, you will need to sign into your site via SFTP

2. You will now need to download the .htaccess file from your /web/content folder

3. Once you’ve got the .htaccess file on your computer you will want to add the following lines to that file:

]]>https://ithemes.com/what-is-the-htaccess-file/feed/0https://ithemes.com/what-is-the-htaccess-file/What is a 404 Page?http://feedproxy.google.com/~r/ithemes/~3/UHFaFECjL6w/
https://ithemes.com/what-is-404-page/#respondThu, 14 Feb 2019 21:19:21 +0000https://ithemes.com/?p=48725What is a 404 page? A 404 page is actually an error message that displays for pages that don’t actually exist on a website. A 404 page usually reads “Page Not Found” but you can also find examples of funny 404 pages that have been customized to give website visitors a better experience. In this post, […]

]]>What is a 404 page? A 404 page is actually an error message that displays for pages that don’t actually exist on a website. A 404 page usually reads “Page Not Found” but you can also find examples of funny 404 pages that have been customized to give website visitors a better experience.

In this post, we will look at why 404s can be a problem for website owners and how to fix them.

Why are 404 pages a problem for website owners?

Besides being a headache for website visitors, traffic to 404 pages can actually be an indication of something more nefarious. If you’re getting a bunch of people hitting 404 pages repeatedly, this might mean that it’s actually a bot looking for a vulnerability to exploit on your site, not a legitimate user searching for content.

Note: If you’re using a WordPress security plugin like iThemes Security, you can enable notifications for people hitting 404 pages on your website.

How do I fix a 404 page?

There are several ways to fix a 404 page, including using a security plugin.

1. Solve with a WordPress Security Plugin

The iThemes Security plugin has a feature just to handle 404 pages. 404 Detection looks at a user who is hitting a large number of non-existent pages and getting a large number of 404 errors. It assumes that a user who hits a lot of 404 errors in a short period of time is scanning for something (presumably a vulnerability) and locks them out accordingly.

This also gives the added benefit of helping you find hidden problems causing 404 errors on unseen parts of your site as all errors will be logged in the View Logs page. After you enable the feature you’ll have several options to help tailor configure it.

Minutes to Remember 404 Error (Check Period)

The Minutes to Remember 404 Error feature allows you to determine when the system should forget that the user hit a 404 page. This means if a customer hits 20 404 pages (or the amount you have set in the Error Threshold setting) within the timeframe you set, they will be locked out.

Error Threshold

The numbers of errors (within the check period time frame) that will trigger a lockout. Set to zero (0) to record 404 errors without locking out users. This can be useful for troubleshooting content or other errors. The default is 20.

404 File/directory White List

Use the whitelist above to prevent recording common 404 errors. If you know a common file on your site is missing and you do not want it to count towards a lockout record it here. You must list the full path beginning with the “/”.

Ignored File Types

File types here will be recorded as 404s but not lead to a lockout.

2. Use 301 Redirects

To redirect individual pages on your website, you use 301 and 302 redirects. A 301 redirect is a permanent redirect, and a 302 redirect is a temporary redirect. These redirects tell the server to send traffic to the new location. They also tell website visitors and search engines where the content has moved. An easy way to do this is with .htaccess files.

.htaccess is a hidden file that is commonly located in your web site’s public_html folder. Your website’s .htaccess file may already contain important settings. If your .htaccess file has existing settings, add the new code to what is already there. Do not delete the existing .htaccess file unless it is empty or you are absolutely sure it is okay to delete.

If you’re having trouble with .htaccess settings, don’t hesitate to contact our Heroic Support team. Some customized settings might require your web developer, but we can help with many .htaccess questions.

To edit your .htaccess file, you will need to re-create the file yourself and upload it to the server using SFTP. Before making any changes to configuration files, we strongly recommend you make a backup of the file. Once you’ve decided what you want to add to your .htaccess file, follow these simple steps:

1. Log into your server via SFTP.

2. Locate and download your .htaccess file. It will usually be located in your content folder. If you don’t have a .htaccess file, you can create a file called .htaccesson your computer to hold your configurations.

3. Open the file via your favorite text editor

4. Add these lines to your file:

# enable basic rewriting
RewriteEngine on

5. Then copy and paste your new configurations into the .htaccess file and save the file.

6. Upload this back to the directory you originally took your .htaccess file from.

7. Test your work by going to your website and viewing the pages you wanted to redirect.

Redirect Web Pages and Whole Websites to Solve 404s

To redirect individual pages on your website, you use 301 and 302 redirects. A 301 redirect is a permanent redirect, and a 302 redirect is a temporary redirect. These redirects tell the server to send traffic to the new location. They also tell website visitors and search engines where the content has moved.

Redirect 301 /old.html http://www.mysite.com/new.html

Replace /old.html with the directory path of your old page and http://www.mysite.com/new.html with the URL of your new page. This will send any visitors who want to access mysite.com/old.html to the page mysite.com/new.html.

You can also redirect a whole website this way.

Redirect 301 / http://www.mysite.com/

This approach is often used to change an existing domain to a new domain name.

404 Pages Solved

Using the methods above, hopefully you can solve the problem of 404 pages on your website.

]]>https://ithemes.com/what-is-404-page/feed/0https://ithemes.com/what-is-404-page/What is phpMyAdmin?http://feedproxy.google.com/~r/ithemes/~3/VQhk-wQ6Ub8/
https://ithemes.com/what-is-phpmyadmin/#respondWed, 13 Feb 2019 21:54:49 +0000https://ithemes.com/?p=48813What is phpMyAdmin? phpMyAdmin is a free software tool that allows you manage the MySQL database of your website. For WordPress websites specifically, the MySQL database stores all the data related to your posts, pages, comments, users, links and more. Occasionally, while managing your website, you may come across something that requires you to directly […]

]]>What is phpMyAdmin? phpMyAdmin is a free software tool that allows you manage the MySQL database of your website. For WordPress websites specifically, the MySQL database stores all the data related to your posts, pages, comments, users, links and more.

Occasionally, while managing your website, you may come across something that requires you to directly access your MySQL database.

Note: The use of phpMyAdmin for website database management is considered advanced. If you are unfamiliar with this type of database administration, then it is recommended that you seek help from your website developer.

How Do I Access phpMyAdmin?

You can access phpMyAdmin from your website hosting account. Depending on your hosting account configuration, you should see a direct link to login to your phpMyAdmin.

For example, with iThemes Hosting, you have access to phpMyAdmin where you can go to handle many of the needs for your website’s database.

You need 3 main things to start, all of which you can get from the Database Information section of your iThemes Hosting management page.

ou’ll also need the database server which you can see from the example above is mariadb-035.wc1.lan3.stabletransit.com.

The database username which in this example is 2015039_eed292b5. You will then go ahead and select the Login link under phpMyAdmin.

This will bring you to the phpMyAdmin login screen where you will enter the database username and password then locate the database server from the drop-down menu.

Once you enter that information, you will be logged into phpMyAdmin.

phpMyAdmin Settings

When you access phpMyAdmin, the center section is your settings and basic MySQL server information by default.

Here you can adjust languages, themes, font, size and many other things. You can also find information specific to your database server and web server from the right-hand menu.

Your Website Database Information

Your database information can be viewed from the left-hand menu. This is where you would select the database you wish to work with.

information_schema will be present for all of your databases and can be disregarded. The main database that you are interested in will be listed above that. You will click on that database to open the database menu.

From here, you can make modifications to your tables directly, including updating information and deleting content from your site.

Note: We strongly recommend making a database backup of your database using a WordPress backup plugin such as BackupBuddy before you make any changes.

As mentioned previously, phpMyAdmin database administration is an advanced skill so please be sure to speak with your website developer if you are unsure about changes that need to be made.

]]>https://ithemes.com/what-is-phpmyadmin/feed/0https://ithemes.com/what-is-phpmyadmin/5 Questions for Chasing Your Dreams and Finding Successhttp://feedproxy.google.com/~r/ithemes/~3/wYYd0pd4q-c/
https://ithemes.com/5-questions-for-chasing-your-dreams/#respondWed, 13 Feb 2019 20:55:44 +0000https://ithemes.com/?p=48756Jeff Goins is a successful writer and entrepreneur. But a few years ago he came to a point where building his business wasn’t working. Everyone thought he was successful: His company made seven figures and he managed a team of 15 people. But he was incredibly stressed. His company was losing money. And he didn’t […]

]]>Jeff Goins is a successful writer and entrepreneur. But a few years ago he came to a point where building his business wasn’t working. Everyone thought he was successful: His company made seven figures and he managed a team of 15 people.

But he was incredibly stressed. His company was losing money. And he didn’t enjoy the work.

While everything told him he needed to build this business so he could pursue his dream, it felt more like a nightmare.

Bigger isn’t always better.

Goins reevaluated what he was doing, talked to business coaches, and even reached out to business guru Seth Godin.

Ultimately, he gave up the seven-figure dream and downsized his company. It wasn’t worth killing himself to achieve a dream.

Too often, as freelancers and entrepreneurs, we start pursuing a dream that isn’t really ours. There are a lot of expectations in the business world, and they don’t always match with what we want.

So let’s explore a few insights and lessons about finding success and chasing your dreams as a freelancer:

If you’re going to chase a dream, you have to make sure it’s your dream.

Be realistic about that dream: we’re talking about work, not winning the lottery.

If you want to find success, you have to define it for yourself.

Ultimately, you have to know yourself and figure out what you want.

That may require some trial and error. It’s OK to experiment as you figure it out.

1. What is Not Your Dream?

I’m a writer, not a developer, so my dreams are a bit different than coders and designers. Once upon a time, I wanted to write the great American novel. That was the dream: working in a secluded office putting pen to paper and creating worlds. I dreamed of that growing up, and I went to college to get a writing degree with that in mind. Realistically, I knew I would have a day job, but the dream was to write that novel.

But I only dreamed of writing a novel, I never actually wrote a novel. The task seemed too daunting and overwhelming. I didn’t write short stories. I didn’t create outlines. I didn’t invent characters or think of intricate plots. I just dreamed of a vague home office and a nice writerly sweater.

It was easier to dream than to do. In the end, I don’t think I had a novel in me. At least, it wasn’t going to be the great American novel.

I was chasing a dream that really didn’t fit. I did get that writing degree and today I make a living as a freelance writer. And I did try to write that novel. I participated in National Novel Writing Month and wrote a couple bad first drafts of novels. I realized that reality is nothing like the dream. It’s hard, difficult work. And I didn’t love it.

That should have been a clue that it wasn’t really my dream.

If it’s truly your dream, you’ll pursue it with all your heart. You’ll stay up late working on it. You’ll do it in your spare time. People will get tired of listening to you talk about it. Even if you can’t pursue the full dream right now, you’ll find a way to work toward it. When it came to the dream of writing the great American novel, I wasn’t doing any of those things. It wasn’t really my dream.

Don’t fall for a dream that’s not your own.

2. What is Actually Possible?

Let’s pop another bubble: Sometimes that dream is unattainable.

G. Willow Wilson is a successful, full-time writer and co-creator of Kamala Khan, the ground-breaking reboot of the Ms. Marvel comic book. Her creation appears in an animated series and is available as a Halloween costume, action figure, and Lego minifig.

But even Wilson has yet to achieve the writerly dream, as she says in this thread on Twitter:

The 'chase your dreams' stuff floating around reminded me of a convo I had with my agent recently–when I started writing full-time, I had this vision of holing up in a garret, working leisurely on one big project at a time. 13 years later? Still a dream.

She later elaborates, “That cozy, quiet garret in which I write the great American novel over the course of, I dunno, three blissfully uninterrupted years? Will never happen.”

Sometimes the dream is just a dream. It’s not reality and it never will be. We’re chasing a shadow.

That’s a reality we need to come to terms with and be happy with what we have. That doesn’t mean you can’t dream of something better or shouldn’t shoot for the stars, but it does mean you need to be realistic about what’s possible. Don’t mistake a fantasy for a dream.

A four-hour workweek might be a wonderful dream and a best-selling book, but that doesn’t mean it’s possible for all of us. Now a four-day workweek, that can be within your grasp.

This lottery-winning dream that we’re going to find ultimate success and be able to work on things we love at our leisure is often an illusion.

“A dream job is usually a lot more like a real job than not.”
-G. Willow Wilson

The fact is you’re most likely going to need to work hard, no matter what, and if you’re lucky you can work hard at something you love. The key is in how we define success.

3. How Do You Define Success?

Whether we’re chasing someone else’s dream or even discovering that your dream isn’t attainable—part of the problem is how we measure success. There are a lot of ways to measure success, but too often we let someone else define it for us.

If you’re going to be happy, you need to define your own success.

When we let other people or society or expectations define our success, we never measure up. It doesn’t quite fit. We’re playing someone else’s game, and we wonder why we can’t win.

“If you feel like you’re losing, change the game you’re playing.” -Jeff Goins

You have to play your own game. Figure out what you’re good at, what you enjoy doing, and lean into that.

Success means different things to different people:

The freedom to set your own hours and pursue your own work.

Having time with your family and not having to think about work.

Paying the bills and not having the stress of responsibility.

Financial independence so you don’t have to worry about work.

We don’t all need to define success as a seven-figure income and a fancy sports car. For a lot of us, that kind of success is going to feel hollow. For a lot of folks, success simply means paying the bills and taking care of their family. There’s nothing wrong with that.

You have to define that goal for yourself, and then figure out how to achieve it. If you just want to pay the bills and not be overwhelmed with stress, you might want to go back to a day job. If you want that financial independence, you might need to build that business. If you want the freedom to set your own terms, then freelancing might be your path to success.

Play your own game. Do what you’re best at, and figure out what success means for you.

And also be aware of the cost of that success. For Jeff Goins, the cost was too high. Freedom has its own cost—you can set your own hours, but you still have to get the work done. So the freedom to spend the day with your kids might mean you work late into the night. What cost are you willing to pay for success?

4. What Do You Actually Want?

In the end, you have to figure out what you want. Jeff Goins opted out of growing his company into a seven-figure behemoth and scaled back to something he enjoyed, all because of the advice he received from Seth Godin:

“Don’t build a business because you want freedom, build a business because you want to run a business.”

So the key is to figure out what you enjoy doing and are good at, and pursue that. There’s always going to be a certain amount of stress and work in any job, but you should also relish the challenge of it.

Maybe your dream is in the work. There are certain things you want to be doing, and that’s what you need to pursue.

Maybe your dream is in the freedom. You want to be your own boss. It doesn’t really matter what kind of work you do, as long as you get to set the terms.

Maybe your dream is a modest living. You want to pay the bills, have time for your family, and not be stressed out. Opting out of the rat race is completely legit.

And maybe your dream is that seven-figure company. If running a business is what you want, then go for it.

The key to all of this is knowing yourself. You have to figure out what you really want. But that’s not always so easy.

5. Are You Ready to Try?

Here’s a final lesson: Sometimes you never know until you try. You just have to see what works. Experiment. Try something and see how you like it.

Jeff Goins didn’t know he didn’t want to run a business until he tried and realized it was killing him.

I didn’t know I wasn’t really a storyteller until I tried writing those novels and realized it wasn’t what I wanted to do.

]]>https://ithemes.com/5-questions-for-chasing-your-dreams/feed/0https://ithemes.com/5-questions-for-chasing-your-dreams/What is SFTP?http://feedproxy.google.com/~r/ithemes/~3/v676e1EYq9U/
https://ithemes.com/what-is-sftp/#respondThu, 07 Feb 2019 21:11:06 +0000https://ithemes.com/?p=48685What is SFTP? SFTP stands for SSH File Transfer Protocol (SFTP) and is a method of secure file management for your website. In this tutorial, we’ll cover why SFTP is a useful website management tool that you need to know and understand to take control of your website. What is SFTP? To understand SFTP, it’s […]

]]>What is SFTP? SFTP stands for SSH File Transfer Protocol (SFTP) and is a method of secure file management for your website.

In this tutorial, we’ll cover why SFTP is a useful website management tool that you need to know and understand to take control of your website.

What is SFTP?

To understand SFTP, it’s helpful to first cover FTP.

FTP (File Transfer Protocol) provides a way to move files from your local computer to your website’s server. However, FTP is not a secure file transfer method and malicious attacks often target FTP.

SSH File Transfer Protocol (SFTP) is a secure file transfer protocol similar to FTP. SFTP performs the same functions as FTP over a Secure Shell (SSH) connection.

Because SFTP utilizes an SSH connection, using SFTP gives you an added level of security while managing your website’s files.

Just like FTP, you can use SFTP with a desktop FTP client. Most FTP clients, like Filezilla, CoreFTP and Cyberduck, support SFTP.

SFTP for Website File Management

SFTP allows you to upload, download and update the files on your website. Many times, especially with WordPress websites, you’ll need an FTP client to make updates to files that are not editable via your WordPress admin dashboard, such as certain theme, plugin and core WordPress files.

Note: Making edits to the files on your website comes with certain risks. Be sure you have a backup of your website before making modifications to website files. We recommend usign a WordPress backup plugin like BackupBuddy.

What is an FTP Client?

To upload files to your website, you need to securely connect your local computer to your iThemes Hosting WordPress hosting account. You do this by downloading an FTP client.

What is an FTP client? An FTP client is a software utility that establishes a connection between your computer and the server where your website resides.

You can choose any FTP client you’d like as there are several great free and open-source FTP clients available. Some common FTP clients include Filezilla, CoreFTP and Cyberduck. If you have never used FTP before, using one of these clients will make the setup easier.

If you haven’t already done so, you may need to edit the FTP Password. This is randomly generated when you first create your iThemes Hosting account and so you will not have this initially. Once you reset the password, you can then use it to login in along with the server and username.

Now that you have your FTP username, password and server, open the FTP program of your choice. In this example, we’ll be using Filezilla, which has a quick connect option.

Note: We recommend you use SFTP with iThemes Hosting by connecting via port 22.

How to Upload Files to your Website Using SFTP

Once you’ve opened an SFTP connection to your server, you’re all set to start uploading the files you need.

We’ll be using Filezilla to demonstrate this, but most FTP clients are simple drag and drop interfaces.

In this example, we’ll upload files to the web/content directory, but you can upload files to any directory you need and have access to.

Follow these instructions to upload files to your website using SFTP:

1. On one side of your screen, you’ll see a listing of directories and files on your local computer. On the other side of your screen, you’ll see a list of directories and files for your iThemes Hosting.

2. Locate the files on your local computer that you want to move to your website. Then click and drag the files to the web folder on your server. Depending on how large your files are, it may take a little bit of time to transfer the files.

3. All done! When you are done uploading files, be sure to disconnect from your server.

Need WordPress Hosting? Check out iThemes Hosting

iThemes Hosting is simple yet smarter WordPress hosting. Designed especially for WordPress website admin tasks with a hosting control panel that’s more like a personal website assistant.

]]>One question we often get in BackupBuddy support is the difference between “traditional” BackupBuddy backups and Stash Live, BackupBuddy’s real-time WordPress backup method. Both WordPress backup methods are ways BackupBuddy can backup your WordPress website and have pros and cons depending on your needs.

Whether you use BackupBuddy’s traditional backup method or Stash Live, one of the most important things you can do for the security of your website is to create frequent backups. Both types of BackupBuddy backups can help you make sure you always have a backup of your WordPress website.

Traditional Backups with BackupBuddy

“Traditional” backups are primarily created on the BackupBuddy > Backup page. In a nutshell, traditional BackupBuddy backups are created on your website’s server. Then, after the backup file is created, BackupBuddy can then send the file to an offsite, remote destination like Stash or Amazon S3.

With BackupBuddy’s traditional backups, you can create your backups manually by going to the Backup page and selecting the type of backup you want to run. You can also schedule Backups to run automatically on a schedule.

To create a scheduled backup, you’ll go to BackupBuddy > Schedules. You can schedule backs to run from once an hour to once a year.

When you create your scheduled backup, you can also determine what type of backup you want to be created for that schedule. And you can create multiple schedules to fit your needs.

For instance, if you add a new post to your site every day, you may want to schedule a database backup to run daily and then a full backup to run once a week.

As you create your scheduled backups, you might also think about where they are stored. By default, when BackupBuddy creates a backup, it is stored on your server. So what happens to that backup if your server is attacked? If it crashes, you lose that backup!

Using BackupBuddy’s Remote Destinations is highly recommended. Whether that’s Stash, Amazon S3, Dropbox, etc. is up to you but we do advise you utilize these offsite destinations.

How is Stash Live Different from Traditional Backups?

Instead of creating a backup when scheduled or manually on your website’s server, Stash Live backs up all of your website’s database changes as soon as they happen. Stash Live takes a daily Snapshot of each individual file and database table. It then sends each of these encrypted Snapshots to our BackupBuddy Stash servers, where it is then compiled and a backup is created and placed in your Stash storage.

In addition to daily Snapshot zip files which are created automatically for you, Stash Live continuously mirrors live changes of your site to our servers. This allows you to retrieve a backup of changes made since the last daily snapshot.

Can I Manually Create a Stash Live Snapshot?

To create a Snapshot of your real-time mirrored files which include all the latest database changes up to the last second as well as recently completed file uploads of media, plugin or theme file changes do the following:

2. Find your site in the listing and click the View Files button to the right of it.

3. In the screen that pops up click the Create Snapshot button at the upper right to create a Snapshot of the latest real-time backup data from the site mirrored to our servers.

4. The Snapshot process will begin. You may stay on the page for progress updates or wait to receive an email with download links for the Snapshot zip files.

What Else Should I Know About Stash Live?

Note: The first initial Stash Live transfer of all of your data may take a long time, from days to even a week or more. The time it takes depends on how many files there are, the size of individual files, the server resources allocated to your site and how much site activity you receive.

The extreme time difference is caused by the overhead needed for sending individual files. There is a great deal of overhead for each and every file transfer. Since we are sending thousands of files instead of a single file, it takes much longer. Each file sent may take 1 or 2 seconds even for the smallest of files. This adds up when multiplied by thousands of files.

Stash Live uses BackupBuddy’s Cron Kicker to keep the files moving along. Site activity or staying logged in on the Stash Live page will help guarantee that the Cron Kicker is moving the process along. Additionally, if no one is accessing the website and initiating crons, there’s no way for the Stash Live process to run itself. To combat this, we’ll periodically load your website when Stash Live is running to help keep the process going. However, this access is not made as often as it if you had the Stash Live page open.

So What’s the Benefit of Using Stash Live Over Traditional Backups?

The backup zip creation process is the most resource intensive part of the backup process. Offloading this process to our servers instead of your website’s server significantly reduces the chance of any problems due to server timeouts.

Although there’s a slow initial backup with Stash Live, subsequent backups are often faster than a normal backup as only changed files are transmitted.

In short, the first Stash Live transfer may take a while, but things should move along much faster in the future. Keeping the Stash Live page open during the first backup can help the process to move a bit faster in some cases.

Once the Stash Live backup is completed, it can be retrieved from your Stash account. Then you can utilize like any traditional backup for migration/restoration.

Should I use Stash Live or Traditional Backups?

The choice between Stash Live and Traditional backups boils down to how busy your website is and how often you make changes/edits. The busier the site, the more often you should create backups. This means that if you have a very busy site, Stash Live might be the best option for you. Unlike traditional backups, Stash Live creates daily Snapshots as well as backing up your database as soon as changes happen.

While Traditional backups can run daily, twice daily, even hourly, keep in mind that these backups are running on your server, and if you have a poor or unreliable host that throttles your resources, you may run into issues with completed backups.

Whether you’re using Stash Live or creating traditional backups, make sure you’re backing up your site!

]]>https://ithemes.com/difference-between-backupbuddy-stash-live-traditional-backups/feed/0https://ithemes.com/difference-between-backupbuddy-stash-live-traditional-backups/10 Ways to Be More Confident as a Freelancerhttp://feedproxy.google.com/~r/ithemes/~3/33f96WDKujQ/
https://ithemes.com/10-ways-to-be-more-confident-as-a-freelancer/#respondFri, 01 Feb 2019 15:20:42 +0000https://ithemes.com/?p=48398Confidence can be a major challenge for freelancers. It’s easy to think freelancers are full of guts and bravado, stepping out on their own ready to be their own boss. But the reality is freelancers aren’t always so confident. A lack of confidence is one of the top things that can stop freelancers from succeeding. […]

]]>Confidence can be a major challenge for freelancers. It’s easy to think freelancers are full of guts and bravado, stepping out on their own ready to be their own boss. But the reality is freelancers aren’t always so confident.

A lack of confidence is one of the top things that can stop freelancers from succeeding. But the painful reality is that nearly every freelancer struggles with confidence. Too often freelancers suffer from imposter syndrome.

What is Imposter Syndrome?

Imposter Syndrome is an inability to internalize your accomplishments and a persistent fear of being exposed as a fraud.

For example, if you’ve ever balked at raising your rates, worried that you can’t possibly charge that much—you’re dealing with Imposter Syndrome. More signs? If you secretly compare your abilities to those around you, and it’s hard for you to accept compliments about your work, you’re probably dealing with Imposter Syndrome.

Do You Have Have Imposter Syndrome? 7 Quesions to Ask

You’ll probably immediately know if you struggle with confidence, but here’s a quick video with 7 great questions to ask yourself from our recent Freelance Leap Year session on confidence:

So instead of letting Imposter Syndrome overwhelm you, work on overcoming it. Here are 10 ways to be more confident as a freelancer:

1. Identify & Address

Identify what’s undermining your confidence, and address it. This can vary wildly depending on the individual and what works or doesn’t work for them. Maybe you don’t have the experience or you lack the skills or you don’t have the business sense. Whatever is holding you back, identify it, and figure out how to neutralize it.

Don’t have the experience you think you need? Nothing like learning on the job.

Do you lack the skills you need? Take some classes.

Don’t know anything about business? Find a mentor. Hire an accountant. Take a class.

2. Face Your Finances

Every freelancer struggles with finances. Finances are a common stressor, and worrying about it can seriously undermine your confidence. Even veteran freelancers can be shaken by the feast or famine cycle of freelancing. So shoring up that bank account can go a long way.

Here are three quick ways to deal with money:

Charge more: Nothing makes you feel more confident like making more money. Worried about raising your rates? Don’t be. The vast majority of the time your clients are happy to pay more. Charge what you’re worth and avoid “resentment pricing.” Learn more about raising freelance rates.

Save more: Having something to fall back on when the jobs dry up can help keep the panic at bay. There’s a big difference between writing a proposal when you absolutely have to get the job to pay your bills vs. being able to fall back on your savings. That kind of desperation is the opposite of confidence. Sometimes you need to be able to say no.

Work more: If you haven’t gone full time yet, hang on to that day job a little longer. Get a part time job if you need to. That safety net can give you the confidence to figure out freelancing.

3. Don’t Got At It Alone

Sometimes freelancing can be a lonely business. You often work alone in a home office or alone in a crowded coffee shop. Especially for an extrovert, all that alone time can be draining.

Find people to connect with. But not just folks to hang out with—be intentional. Find mentors who can help and challenge you. Find fellow strugglers who understand what it’s like and hold each other accountable.

When you have people to talk to who understand the freelance world, things won’t seem quite so strange and alien. You’ll have more confidence moving in this world when you know you’re not alone.

Check out our Freelance Leap Year course to get the help you need to grow your business and join a community of fellow freelancers.

4. Celebrate Wins

Since freelancing can be a lonely business, even when you win big there’s often no one there to exchange high-fives with (except maybe your fellow coffee shop patrons; hey, high-fives with strangers is better than nothing). Sometimes you have to pat yourself on the back.

Take time to reflect on and celebrate your wins. Treat yourself to lunch. Reward yourself with a walk in the park. Take that vacation you’ve been pining for—even if it’s just a weekend away.

“We have to reward ourselves once in a while. It’s easy to feel guilty for doing this, but if you never reward yourself, you’ll burn out.” –Patrick Neve

5. Confront Your Fears

Often a lack of confidence is about a specific challenge that’s holding you back. More than something you just don’t know, it’s something you’re afraid of. The only way forward is to confront your fears.

If you’re afraid of public speaking, start doing it.
If you don’t like giving pitches, give pitches.
If you struggle with talking on the phone, force yourself to make more calls.

The only way to overcome these things is to do them and get better at them.

6. Focus on Your Strengths

Yes, some of this advice has talked about addressing your weaknesses, and that’s important. But it’s also good to lean into your strengths. Often your strengths are where you can have the greatest advantage as a freelancer.

Narrowing in on a freelance niche is always an effective strategy, and when it’s a strength, it’s one where you’ll excel. It’s a good way to be known for something, and that’s a major confidence builder.

7. Never Stop Learning

Growing, learning, and stretching your skills are good ways to build confidence. There’s always something new out there, and rather than be overwhelmed and intimidated by it, devour it. Learn it. Apply it. Then charge for it.

8. Embrace Failure

Everybody makes mistakes. The important thing is to learn from those mistakes and get better. Don’t obsess over a mistake and allow it to undermine your confidence. Learn from failure, change your process, and use it to become better.

Don’t let failure stop you. Use it to move you forward.

9. Don’t Compare

It’s tempting to compare yourself to others in the freelance world. That’s a losing game. There’s always someone who’s more put together, doing better work, making more money, taking more vacation—making you feel less than. But they’ve also been doing it longer, are in a different niche, have different skills, and different priorities. Be your own person. Learn from other people, sure, but don’t get dragged into the comparison game.

If you’re going to compare yourself to anyone, compare yourself to your clients. In their eyes, you’re a magician. You can do things they have no idea how to do, and they’re happy to pay you to do them.

10. Control What You Can

Shonda Rhimes runs a multi-million dollar TV empire (Grey’s Anatomy, Scandal—that’s her), yet she also struggled with confidence. She overcame it by saying yes and embracing a whole series of things. What’s most compelling about her story is many of those things had little to do with work. Being confident in your personal life, where you can control some things, can bleed into your professional life, where you often have less control.

There’s a lot that’s out of your hands as a freelancer. So being on top of the things you can control is one way to build confidence. Dress for success. Exercise. Eat well. Get sleep. If you take care of yourself, you’ll lower stress, you’ll have more energy, you’ll feel better. That won’t fix every challenge you face as a freelancer, but it will make you better able to tackle them.

Move Beyond Struggling to Success

Let’s be honest: A lot of days you’re going to feel a lack of confidence. Even if you do all of the above, you’re still going to have those days. The key is to carry forward.

Eventually, you’ll realize you’ve had fewer of those days and more days when you actually can do it all. You never see the progress in building confidence because it’s not a wall in front of you, it’s a foundation below you. You’re often so busy doing the work that you don’t realize the ground has shifted from shaky to solid.

That’s how you become confident as a freelancer. It’s slow and it happens one day at a time. But you can do it.

Learn More About Freelance Leap Year,A Year-Long Course to Grow Your Business

Do you want your freelance business to take off this year … but don’t know where to start? We’ve built Freelance Leap Year to help you make 2019 the year you get focused and see success and growth in your business, no matter how busy your schedule is.

Designed especially for Freelance WordPress web developers & designers, make 2019 the year you make leaps in your freelance business. Over twelve months, with live training sessions, resources and support from expert Nathan Ingram.

]]>At some point, you may encounter the dreaded 403 Forbidden error message on your website. Don’t panic! In this post, we’ll show a few ways to fix a 403 Forbidden error issue on your WordPress site.

What is a 403 Forbidden Error?

The 403 Forbidden error message means something is preventing access to a certain portion of your website. This could be due to file permissions on the page or an .htaccess rule that blocks access or password protection for certain directories. If you’re running a WordPress website, it could be due to several things specific to WordPress.

What causes a 403 Forbidden Error?

Several things are usually the culprit if you’re seeing a 403 Forbidden error on your WordPress website. We’ll cover them one by one:

WordPress security plugins

File/folder permissions

Deny orders in your .htaccess file

Password protected directories

1. WordPress Security Plugins

Certain rules within your .htaccess file are one thing that can cause you to run into a 403 forbidden error. Typically, these rules are going to be put into place by a WordPress security plugin like iThemes Security that you may have installed. The first place to look when you come across a 403 forbidden error is your security plugin (whether that is iThemes Security or another plugin).

If you aren’t sure what settings of the plugin would handle writing rules to .htaccess, you can easily test by simply temporarily disabling the security plugin and then trying to access the section of the site that previously was not working.

Once the security plugin has been disabled, if you are able to access without a 403 error, then you will want to begin looking through your security plugin documentation for what could be causing the issue.

2. File/Folder Permissions

Another common cause of the 403 Forbidden error is incorrect file or folder permissions. Typically, with a website, you want all files and folders to be set with certain permissions. These are 775 for folders and 664 for files.

Now there are some files and other extenuating circumstances that can result in those needing to be different, but if you want your files or folders to be viewed via a web browser, you’re typically going to need those permissions.

3. Deny orders in .htaccess file

Sections of code can be added to your .htaccess file to prevent access to parts of your website based on certain parameters and thus could result in a 403 forbidden error. As mentioned before, many WordPress security plugins make use of this technique, so it is highly recommended that any security plugins you are using be tested and ruled out as the culprit first.

Once you’ve done that and if you are still having issues, disable the security plugin once more and review the .htaccess file for these Deny orders.

Follow these instructions for attempting to clear out rules in your .htaccess file:

3. Navigate to the /web/content folder and download the .htaccess file. You may need to navigate to the specific folder where you are getting the error and check for a .htaccess file there as well.

4. Open the .htaccess file in your favorite text editor.

5. Look through this file for any code that looks like this:

order deny,allow
Deny from All
Allow from 123.123.123.123

It is important to note that the rules listed are just examples and can be different from what you see. You may not even see an order deny, allow or order allow, deny or other portions of this. The main thing that you will be looking for though is Deny from … The Deny from is what blocks access to the page you are looking for, resulting in the 403 error.

6. If you find a section with a Deny from rule, comment it out in order to test if that was the issue. (You can comment out a line in the .htaccess file by adding a #> in front of the line. So if we use the example above, it would look like this:

order deny,allow
#Deny from All
Allow from 123.123.123.123

7. Once you comment out the line and find no others within the .htaccess file, upload it back to the directory.

8. After the .htaccess file has been uploaded, test the site and see if you are still receiving the 403 error.

4. Password Protected Directories

Finally, you could also see a WordPress 403 error if you are currently attempting to use password protected directories on your website. If you are aware of password protected directories, ensure that you are using the proper username and password.

If your credentials are correct, remove the information you added when setting up the password protected directories and try again.

Fixing a 403 Forbidden Error

Hopefully, these techniques helped you track down and solve your 403 Forbidden Error. Most likely, if you’re seeing a 403 Error on your WordPress site, you can solve it quickly and easily by following these quick steps.

]]>https://ithemes.com/fix-403-forbidden-error-wordpress/feed/0https://ithemes.com/fix-403-forbidden-error-wordpress/The Top 5 WordPress Security Myths Debunkedhttp://feedproxy.google.com/~r/ithemes/~3/EjelETZre-M/
https://ithemes.com/the-top-5-wordpress-security-myths-debunked/#commentsTue, 29 Jan 2019 15:37:47 +0000https://ithemes.com/?p=48424You’ll find a lot of WordPress security advice floating around the internet from well-intentioned people who genuinely want to help. Unfortunately, some of this advice is built on WordPress security myths and don’t actually add any additional security to your WordPress website. In fact, some WordPress security “tips” may increase the likelihood you will run into issues and […]

]]>You’ll find a lot of WordPress security advice floating around the internet from well-intentioned people who genuinely want to help. Unfortunately, some of this advice is built on WordPress security myths and don’t actually add any additional security to your WordPress website. In fact, some WordPress security “tips” may increase the likelihood you will run into issues and conflicts.

In this post and infographic, we’ll bust some of the most popular WordPress security myths so you can have a more informed approach to your website security strategy.

The Top 5 WordPress Security Myths From Thousands of Support Tickets

We have plenty of WordPress security myths to choose from, but we are only going to focus on the top 5 we have consistently seen in over 20,000 support tickets. These conversations were used as a basis for the following criteria to select the top myths:

1. The frequency the myth was mentioned.

2. The number of headaches that the myth caused.

3. The false sense of security the myth gives.

Myth 1: You Should Hide Your /wp-admin or /wp-login URL (Also Known As Hide Backend)

The idea behind hiding the wp-admin is that hackers can’t hack what they can’t find. If your login URL isn’t the standard WordPress /wp-admin/ URL, aren’t you protected from brute force attacks?

The truth is that most Hide Backend features are simply security through obscurity, which isn’t a bullet-proof security strategy. While hiding your backend wp-admin URL can help to mitigate some of the attacks on your login, this approach won’t stop all of them.

We frequently receive support tickets from people who are perplexed at how iThemes Security Pro is reporting invalid login attempts when they have hidden their login. That’s because there are other ways to log into your WordPress sites besides using a browser, like using XML-RPC or the REST API. After you change the login URL, another plugin or theme could still link to the new URL.

In fact, the Hide Backend feature doesn’t really change anything. Yes, it does prevent most users from directly accessing the default login URL. But after someone enters the custom login URL, they are redirected back to the default WordPress login URL.

The truth is that you can’t completely hide the backend login page of your WordPress website. If you were to change the wp-admin URL, you would break your site. Everything you install on your site, including WordPress, assumes that /wp-admin will be in the URL. When you do something as basic as creating a post, you have to go through the wp-admin before you get to /wp-admin/post.php.

Customizing the login URL is also known to cause conflicts. There are some plugins, themes or third party apps that hard code wp-login.php into their code base. So when a hardcoded piece of software is looking for yoursite.com/wp-login.php, it finds an error instead.

What to Do Instead

Myth 2: You Should Hide your Theme Name and WordPress Version Number

If you use your browser’s developer tools, you can pretty quickly see the theme name and WordPress version number running on a WordPress site. The theory behind hiding your theme name and WP version is that if attackers have this information they will have the blueprint to break into your site.

For example, looking at the screenshot above, you can see this site is using the Twenty Seventeen and the WordPress version is 5.0.3

The problem with this myth is that there isn’t an actual guy behind a keyboard looking for the perfect combination of theme and WordPress version number to attack. However, there are mindless bots that scour the internet looking for known vulnerabilities in the actual code running on your website, so hiding your theme name and WP version number won’t protect you.

What to Do Instead

Instead of worrying about hiding the theme or version number, keep your WordPress software up to date to ensure you have the latest security patches. Managing multiple WordPress sites? Save time managing updates with a tool like iThemes Sync.

Myth 3: You Should Rename Your wp-content Directory

The wp-content directory contains your plugins, themes and media uploads folder. That is a ton of good stuff and executable code all in one directory, so it’s understandable that people want to be proactive and secure this folder.

Unfortunately, it’s a myth that changing the wp-content name will add an extra layer of security to the site. It won’t. We can easily find the name of your changed wp-content directory by using the browser developer tools. In the screenshot below we can see that I renamed the content directory of this site to /test/.

Changing the name of the directory will not add any security to your site, but it can cause conflicts for plugins that have hardcoded /wp-content/ directory path.

What to Do Instead

The only reason to be concerned about the content directory is if it contains a plugin or theme with a vulnerability. Again, keeping your themes and plugins up to date is the best way to know you are running secure software.

Myth 4: My Site Isn’t Big Enough to Get Attention From Hackers

This WordPress security myth leaves a lot of sites vulnerable to attack. Even if you are the owner of a tiny site with low traffic, it is still crucial for you to be proactive in securing your website.

The truth is your site or business doesn’t have to be big to gain the attention of a would-be attacker. Hackers still see an opportunity to use your site as a conduit to redirect some of your visitors to malicious sites, send out spam from your mail-server, spread viruses, or even to mine Bitcoin. They will take anything they can get.

Myth 5: WordPress is an Insecure Platform

The most damaging WordPress security myth is that WordPress itself is insecure. This is simply not true. WordPress is the most popular content management systems in the world, and it didn’t get that way by not taking security seriously.

The truth is that the biggest WordPress security vulnerability is its users. Most WordPress hacks on the platform can be avoided with a little effort from the site owners.

Keep in mind that the number one reason for successful WordPress hacks is outdated software. To get a patch for a security vulnerability, you have to keep things updated. WordPress even allows you to enable automatic updates so you don’t have to manually run updates. But some people still don’t make it a priority to update their sites on a regular schedule. So these sites are filled with outdated software that makes them ripe for attack. When a hacker uses a security hole it isn’t a WordPress flaw, it is a user flaw.

Download the Infographic: The Top 5 WordPress Security Myths

Lets Keep Busting WordPress Security Myths

Hopefully, we were successful in busting some myths you’ve heard related to WordPress security. If you hear someone sharing one of these popular WordPress myths, feel free to send this article their way.

If you have any other WordPress myths you would like to bust, please share them in the comments.

]]>https://ithemes.com/the-top-5-wordpress-security-myths-debunked/feed/18https://ithemes.com/the-top-5-wordpress-security-myths-debunked/How to Use the Classic Editor with WordPress 5.0http://feedproxy.google.com/~r/ithemes/~3/C-dH0Iw3Oxg/
https://ithemes.com/how-to-use-classic-editor-wordpress-5-0/#commentsWed, 23 Jan 2019 21:07:39 +0000https://ithemes.com/?p=48148If you aren’t ready to use the new Block editor introduced in WordPress 5.0, don’t worry, you can still use the WordPress Classic Editor to edit your content. In this post, we are going to show you how to use the Classic Editor in WordPress 5.0. After updating to WordPress 5.0, you will notice that […]

]]>If you aren’t ready to use the new Block editor introduced in WordPress 5.0, don’t worry, you can still use the WordPress Classic Editor to edit your content. In this post, we are going to show you how to use the Classic Editor in WordPress 5.0.

After updating to WordPress 5.0, you will notice that the new default editor for posts and pages has changed from the Classic Editor to a new Block-style editor. The Block Editor (called the WordPress Gutenberg Editor) is an entirely new way to edit posts and page content in WordPress. Rather than a single WYSIWYG (What You See is What You Get) composition area, page content is divided into “blocks” that have individual settings and editable regions.

1. How to Use Built-in Classic Block in WordPress 5.0

The WordPress Block Editor introduced in 5.0 includes a built-in Classic Block as one of the block options you can add when composing a post or page. The Classic Block allows you to use the Classic Editor in the new block system. The Classic block is essentially the familiar WordPress WYSIWYG editor crammed into a block.

To use the Classic Block, click the Add Block button, then type classic in the search field and finally click Classic option to add the block into your post or page.

You can edit the content in the Classic Block just like if you were using the classic editor.

Note: If you used the text editor in your workflow, you will now perform those tasks in the new Code Editor.

To access the Code Editor, click the three vertical dots in the top right corner the page to show the more tools and options menu. The more tools and options menu will have options to switch between the visual and code editors.

You can also toggle between the visual and code editors using a shortcode.

2. How to Install & Use The Classic Editor Plugin

If you want nothing to do with the new WordPress Block Editor, you can install the Classic Editor Plugin. ou will find the Classic Editor in the WordPress.org plugin repository as a free plugin download. To install any new plugin from the WP.org repository, click the Add New button.

Clicking the Add New button will take you to the Feature Plugins page. The Classic Editor is currently on the Featured Plugins page, but if you don’t see the plugin, you can use the search field to find it.

Once you find the Classic Editor plugin click the Install Now button. Once the plugin is finished installing click the Activate button to begin using the Classic editor in WordPress 5.0.

After you have installed and activated the Classic Editor plugin, the WordPress editor will be the same as it was in the WordPress version 4.9.8.

As you can see, with the Classic Editor plugin, you’ll be able to compose and edit posts and pages in WordPress as before. Using the Classic Editor may be a great way to keep a site usable for clients until you have time to train them on the new WordPress 5.0 Editor.

A Note on Support for the WordPress Classic Editor

While you do not currently have to learn how to use the new WordPress Gutenberg Blocks, you will eventually need to. The WordPress team will keep supporting the Classic Editor plugin until the end of 2012. But, starting in 2022, the new Block Editor will be the only editor officially supported by WordPress.